class AccountsController < ApplicationController
  layout "article"
  def login
  end
  
  def logout
    if request.post?
      reset_session
      cookies.delete :login
      flash[:notice] = "用户已被注销！"
    end
    redirect_to :controller => "home", :action => 'index'
  end
  
  def authenticate
    self.logged_in_user = User.authenticate(params[:user][:username], params[:user][:password])
    if is_logged_in?
      flash[:notice] = "欢迎使用系统！"
      #生成一个加密的编码
      #没有选中不会传递过来，这个值是nil
      if params[:rememberme]
        loginuser=params[:user][:username]+":"+params[:user][:password]
        cookies[:login]={:value=>"#{loginuser}",:expires => 1.month.from_now}
      end      
      redirect_to :controller => "home", :action => 'index'
    else
      flash[:error] = "对不起，用户无效或密码错误！"
      redirect_to :action => 'login'
    end
  end
  
  
end
